PT-2025-35339 · Unknown · Corporate Training Management System
Published
2025-08-30
·
Updated
2026-01-30
·
CVE-2025-54945
CVSS v4.0
10
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
Name of the Vulnerable Software and Affected Versions
SUNNET Corporate Training Management System versions prior to 10.11
Description
A file name or path vulnerability exists in SUNNET Corporate Training Management System that allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path.
Recommendations
Update SUNNET Corporate Training Management System to version 10.11 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Corporate Training Management System